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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

LISTING OF CLAIMS: 

1 . (Currently Amended) Network security system for detecting security 
relevant irregularities in a network, comprising: 

data sources located on af>d/ or constituting the network, with means for 
generating network-security relevant data; 

an input module, with input handlers for various protocols to connect to the 
data sources; 

at least one processing module, connected to said input module for access to 
said data sources, with means for translating said network-security relevant data into 
quantitative variables; 

a supervisory system, with means for presenting the quantitative variables 
processed data to a security system operator; and 

an interface module, with means for transferring said quantitative variables 
from the processing module to the supervisory system. 

2. (Currently Amended) Security system as in claim 1 , wherein said data 
sources comprise at least one of routers, firewalls, hosts, applications, switches, 
NIDS, and HIPS or any combinat i on th e r e of . 
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3. (Currently Amended) Security system as in claim 1 , wherein the 
network-security relevant data comprises: 

at least one of numerical values maintained via increment/decrement 
operations, rate calculations, pass-through of values o f and evaluation of 
mathematical expressions involving multiple values ; and or any comb i nat i on ther e of, 
and /or 

at least one of textual values maintained via template matching, text 
transformation, text translation, a«d composition of text from templates, text strings 
from incoming data and numerical values from incoming data or any comb i nat i on 
thereof . 

4. (Currently Amended) Security system as in claim 1 , wherein said 
supervisory system comprises: 

means for displaying said quantitative variables to a system operator, and 
reaction facilities with means for initiating predefined countermeasures. 

5. (Previously Presented) Security system as in claim 1, wherein the 
processing modules act on individual incoming data messages and batches of those 
messages. 

6. (Currently Amended) Security system as in claim 4r 4, wherein the 
displaying means display the quantitative variables secur i ty status/health i nformat i on 
as quantitative trend graphs with historical data storage and zoom in/out function. 



Attorney's Docket No. 1004501-000848 
Application No. 10/582,633 

Page 5 

7. (Currently Amended) Security system as in claim 4-r4, wherein the 
displaying means display a schematical depiction of the network and device 
structure and topology. 

8. (Currently Amended) Security system as in claim 7, wherein the v i sual 
e le m e nts d e note schematic depiction denotes security status by m e ans of based on 
at least one of coloring, and/or num e rical and/or numerical and textual annotations^ 

9. (Previously Presented) Security system as in claim 1 , wherein the 
system further comprises: 

storage means for maintaining temporary and persistent records of the 
results of the processing steps for later in-depth analysis. 

10. (Currently Amended) Automation system operator workstation in a 
network with an automation system, comprising: 

means for controlling the processes of the automation system over the 
network, said controlling means comprising a human machine interface with means 
for displaying information about the automation system to an automation system 
operator and means for entering commands for controlling the automation system, 
said automation system operator workstation being connected to a security system 
as claimed in claim 1 , wherein the supervisory system is integrated into the 
automation system controlling means, sa i d status and tr e nd pres e nt i ng m e ans the 
quantitative variables being included in the information displaying system of the 
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human machine interface, and said a_countermeasures initiating means being 
integrated in the a_commands entering means. 

1 1 . (New) Automation system operator workstation as in claim 10, wherein 
the data sources comprise at least one of routers, firewalls, hosts, applications, 
switches, NIDS, and HIDS. 

12. (New) Automation system operator workstation as in claim 10, wherein 
the network-security relevant data comprises: 

at least one of numerical values maintained via increment/decrement 
operations, rate calculations, pass-through of values or evaluation of mathematical 
expressions involving multiple values; and 

at least one of textual values maintained via template matching, text 
transformation, text translation, and composition of text from templates, text strings 
from incoming data and numerical values from incoming data. 

13. (New) Automation system operator workstation as in claim 10, wherein 
the supervisory system comprises: 

means for displaying said quantitative variables to an system operator, and 
reaction facilities with means for initiating predefined countermeasures. 

14. (New) Automation system operator workstation as in claim 10, wherein 
the processing modules act on individual incoming data messages and batches of 
those messages. 
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15. (New) Automation system operator workstation as in claim 13, wherein 
the displaying means display the quantitative variables as quantitative trend graphs 
with historical data storage and zoom in/out function. 

16. (New) Automation system operator workstation as in claim 13, wherein 
the displaying means display a schematical depiction of the network and device 
structure and topology. 

17. (New) Automation system operator workstation as in claim 16, wherein 
the schematic depiction denotes security status based on at least one of coloring, 
numerical and textual annotations. 

18. (New) Automation system operator workstation as in claim 10, wherein 
the system further comprises: 

storage means for maintaining temporary and persistent records of the results 
of the processing steps for later in-depth analysis. 



